Arnaud Claden wrote: > > I have a little problem with my implementation of CAS. > > I have tested the Active Directory SSO with SPNEGO : it works like a > charm.
Are you using Kerberos? If yes, did you turn off NTLM? > I have tested the fallback to LDAP : it works like a charm. > > The problem I have is the following : > > Some workstations are in offshore offices, which means they are not > connected to the Active Directory. For them, the LDAP fallback is the > solution. However, when Internet Explorer browses to a site with SSO, > it displays a domain logon window. This is natural as these > workstations have no security option configured (and they are not > intended to have these modifications). > > Is there a way to prevent this from happening ? I'd try to turn off the "Integrated Authentication" in the IE configuration on these offshore workstations so they don't try NTLM. Ciao, Michael. -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
